The amount of money paid to ransomware attackers dropped significantly in 2022, and it’s not because the number of attacks has dropped. According to a report by blockchain analytics firm Chainalysis, the reason for this decline is that victims are no longer willing to pay the ransom demanded. According to estimates, the rate of ransom payment has dropped from 76 percent to 41 percent since 2019.
Chainalysis data shows that total ransomware revenue dropped to $456.8 million in 2022, down from $765.6 million in 2021. “Evidence suggests this is due to victims’ growing reluctance to pay ransomware attackers,” the firm says.
Citing cybersecurity firm Recorded Future’s collection of data from ransomware groups’ data leak sites, the researchers wrote that the number of attacks decreased by 10.4 percent between 2021 and 2022. Still, there is a large gap between the number of ransomware attacks and the ransom payments made.
So why have companies stopped paying the ransom? There are a number of factors, the most important of which is that payment can have serious legal consequences.
For example, in 2021, the U.S. Treasury Department, through its Office of Foreign Assets Control (OFAC), announced possible sanctions against companies paying ransom. Moreover, cybersecurity insurance companies face more scrutiny over the payments made in response to such attacks.
In addition, before an insurance policy is issued or renewed, the organization is required to demonstrate that it has tools such as strong cybersecurity policies. Companies with these tools are less likely to be seriously harmed by an attack or to pay the ransom.